OK, I don't like posting without research beforehand, but I can't find any basic tutorials on this. I have a Gentoo box with two NICs. It is gonna be the router for my network among other things. eth0 is connected directly to my DSL modem, and the modem is forwarding all ports to eth0. eth1 is going to a switch, which two other PCs are connected to.
setup:
dsl modem(192.168.1.254) ----> eth0(192.168.1.100)<Linux>-----
iptables is supported by the kernel, and is loaded.
IP forwarding is enabled. eth1 is set as the default gateway for the PCs. I can't start iptables because there are no rules. I need to know exactly which files to add and modify so that iptables has a basis to start. I don't care about any firewall functions right now. Just NAT and IP masquerading so that the PCs can connect to the net. There is no rc.d directory on Gentoo or rc.local. The problem is every tutorial is for Red Hat (ugh). The only iptables config files are in /etc/init.d and /etc/conf.d. The iptables program is in /sbin/iptables along with iptables-restore and iptables-save.
So again, the thing I need to know is where are the config files I need to add and modify, and what are the basic commands I need to add to set up NAT and IP masquerading. Basic meaning forwarding all ports to and from eth0 to eth1. Thanks.
There aren't config files for iptables, I think... and you won't make it with only a few 'basic commands'. I suggest you read '$ man iptables' carefully, and especially the MASQUERADING section... there's a MASQ-HOWTO in your documentation directory, too. Read it, there are a lot of useful things.
Here's the 'basic command' that you could explore:
Code:
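# eth0 = modem side, eth1 = LAN side: let replies to LAN connections back in
iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Let the LAN PCs out through the modem-facing interface
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
# Masquerade on the interface that faces the modem
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE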
Thanks, but I can't use commands until iptables is working. It is set to run at boot, and when it tries it says it can't start, there are no rules, create some rules first. So I need to know which files are needed and why it won't start. But thx anyway.
ivanatora is indeed right. There are no config files for iptables. However, there are two programs called iptables-save and iptables-restore. iptables-save outputs a config type file that's really just a cat of your iptable rules with some extra schtuff in it like packet counters and whatnot.
It's fine if iptables' startup in Gentoo shiz's the bed. It doesn't mean iptables won't work. It only means the saved iptables-save file didn't load on startup. You can still use the rules ivanatora suggested to set up IP masq by typing those rules, just as he/she/it suggested.
Thx, but in the end it boiled down to iptables not working right, not my config. No matter what I, or to a greater extent blindsight (who posted up there), through SSH, tried to do, iptables would not work. It was not a simple config problem. iptables was just jacked up. In the end I decided to ditch Gentoo in favor of a distro I know better, Slackware. Now I know this wasn't Gentoo's fault, but it got kicked to the curb anyway. It's too bad because I actually liked it a lot; it was faster than any distro I've ever tried and everything was fine except iptables. But I have been workin' on gettin' everything set up the way I like it for a week straight, and that's just too long. Maybe I'll try Gentoo again once I know iptables a little better, exactly what the kernel needs to support, and what dependencies it has on other programs/services. For those of you not understanding me, try out Gentoo...